package cn.com.zsc.system;

import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Vector;

import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import cn.com.zsc.system.vo.IndexMenuTreeVO;
import cn.com.zsc.util.Azdg;
import cn.com.zsc.util.ConstValue;

import com.jarp.db.DAO;

public class Index {
	/**
	 * 查询抽屉菜单
	 * 
	 * @param usercode
	 * @return
	 */
	@SuppressWarnings("unchecked")
	public String getProjectData(String userID) {
		// 查询抽屉菜单
		String sql = "select CL_CODE AS DEPT_CODE, CL_NAME AS DEPT_NAME from cm_commlist where PL_CODE=2 and CL_PCODE=-1";

		DAO dao = new DAO();
		Vector v = new Vector();
		Vector removeVector = new Vector(); 
		
		String rst = "";
		try {
			v = dao.getDataSet(ConstValue.DBNAME, sql);
			if (v != null && v.size() > 0) {
				for (int i=0; i<v.size(); i++) {
					Hashtable table = (Hashtable)v.get(i);
					if(!hasRoles(userID, table.get("DEPT_CODE").toString())) {
						removeVector.add(table);
					}
				}
				
				v.removeAll(removeVector);
				
				JSONArray json = new JSONArray();
				json = JSONArray.fromObject(v);
				rst = json.toString();
			}
		} catch (Exception ex) {
			ex.printStackTrace();
			return ConstValue.EMPTY_RECORD_NOT_PAGEING;
		}
		return rst;
	}

	@SuppressWarnings("unchecked")
	public String getMenuTree(String pid, String userID) {
		String sql = "select * from cm_commlist where PL_CODE=2 and CL_PCODE='"
				+ pid + "' ORDER BY IDX";

		DAO dao = new DAO();
		Vector v = new Vector();
		ArrayList al = new ArrayList();
		ArrayList menuList = getUserMenuList(userID);

		try {
			v = dao.getDataSet(ConstValue.DBNAME, sql);
			if (v != null && v.size() > 0) {
				for (int i = 0; i < v.size(); i++) {
					Hashtable hst = (Hashtable) v.get(i);
					IndexMenuTreeVO ctv = new IndexMenuTreeVO();
					
					ctv.setId(hst.get("CL_CODE").toString());
					ctv.setText(hst.get("CL_NAME").toString());
					ctv.setLinkUrl(hst.get("REMARKED").toString());
					
					boolean isLeaf = isLeaf(ctv.getId()); 
					if (!isLeaf) {
						ctv.setLeaf(false);
						ctv.setIconCls("folder");
						ctv.setChildren(getMenuTree(ctv.getId(), userID));
						if (!ctv.getChildren().equals(ConstValue.EMPTY_RECORD_NOT_PAGEING)) {
							al.add(ctv);
						} 
					} else {
						ctv.setLeaf(true);
						ctv.setIconCls("file");
						
						String id = ctv.getId();
						
						// 权限控制
						if(menuList.contains(id)) {
							al.add(ctv);	
						}
					}
				}
			}

			JSONArray json = new JSONArray();
			json = JSONArray.fromObject(al);
			
			return json.toString();
		} catch (Exception ex) {
			ex.printStackTrace();
			return ConstValue.EMPTY_RECORD_NOT_PAGEING;
		}
	}
	
	public boolean isLeaf(String currentCode)
	{
		String sql = "select * from cm_commlist where CL_PCODE='"+currentCode+"'";
		
		DAO dao = new DAO();
		
		try {
			Vector v = dao.getDataSet(ConstValue.DBNAME, sql);
			if (v != null && v.size() > 0) {
                return false;
			}
		} catch (Exception ex) {
			ex.printStackTrace();
		}
		
		return true;
	}
	
	private boolean hasRoles(String userID, String currentCode) {
		// 获取菜单最底层的叶节点
		ArrayList<String> leafs = getLastestLeaf(currentCode, new ArrayList<String>());
		
		try {
			String leafsStr = "";

			if (leafs.size() != 0) {
				// 拼装leafsStr
				for (int i = 0; i < leafs.size(); i++) {
					leafsStr += leafs.get(i) + ",";
				}

				leafsStr = leafsStr.substring(0, leafsStr.length() - 1);

				// 查询是否有权限 
				String sql = "select * from app_purview where MENUID in (" + leafsStr + ") and UID=" + userID;

				DAO dao = new DAO();
				
				Vector<Hashtable<String, String>> v = dao.getDataSet(ConstValue.DBNAME, sql);

				if (v != null && v.size() > 0) {
					return true;
				}
			}
		} catch (Exception ex) {
			ex.printStackTrace();
		}

		return false;
	}
	
	/**
	 * 获取菜单最底层的叶节点(注：用户和权限是用最底叶节点关联)
	 * @param currentCode
	 * @param leafs
	 * @return
	 */
	private ArrayList<String> getLastestLeaf(String currentCode, ArrayList<String> leafs) {
		String sql = "select CL_CODE from cm_commlist where CL_PCODE='" + currentCode + "'";
		
		DAO dao = new DAO();
		
		Vector<Hashtable<String, String>> v = new Vector<Hashtable<String, String>>();
		
		try {
			v = dao.getDataSet(ConstValue.DBNAME, sql);
			
			if (v != null) {
				for (int i = 0; i < v.size(); i++) {
					String childCode = v.get(i).get("CL_CODE");
					
					sql = "select CL_CODE from cm_commlist where CL_PCODE='" + childCode + "'";
					
					if (dao.getDataSet(ConstValue.DBNAME, sql) != null) {
						getLastestLeaf(childCode, leafs);
					} else {
						leafs.add(childCode);
					}
				}
			}
		} catch (Exception ex) {
			ex.printStackTrace();
		}
		
		return leafs;
	}
	
	private ArrayList getUserMenuList(String userID)
	{
		String sql = "select * from app_purview where UID='" + userID + "'";
		
		DAO dao = new DAO();
		
		ArrayList menuList = new ArrayList();
		
		try {
			Vector v = dao.getDataSet(ConstValue.DBNAME, sql);
			if(v!=null && v.size()>0) {
				for (int i=0; i<v.size(); i++) {
					Hashtable table = (Hashtable)v.get(i);
					menuList.add(table.get("MENUID"));
				}
			}
		} catch (Exception ex) {
			ex.printStackTrace();
		}
		
		return menuList;
	}
	
	/**
	 * 修改密码
	 */
	public String changePassword(String jso) {
		JSONObject jsobject = JSONObject.fromObject(jso);
		
		int userID = Integer.parseInt(jsobject.getString("userID"));
		String oldPassword = jsobject.getString("oldPassword");
		String newPassword = jsobject.getString("newPassword");
		
		String queryOldPwd = "select UPWD from app_login where UID=" + userID;
		
		try {
			DAO dao = new DAO();
			
			Vector<Hashtable<String, String>> v = dao.getDataSet(ConstValue.DBNAME, queryOldPwd);

			if (v != null && v.size() > 0) {
				String dbPassword = v.get(0).get("UPWD");
				if(oldPassword.equals(Azdg.decrypt(dbPassword))) {
					String changePwd = "update app_login set UPWD='"+ Azdg.encrypt(newPassword) + "' where UID=" + userID;
					
					int num = dao.execCommand(ConstValue.DBNAME, changePwd);
					
					if (num > 0) {
						return "success";
					} else {
						return "数据库操作失败";
					}
				} else {
					return "旧密码错误";
				}
			}
		} catch (Exception e) {
			e.printStackTrace();
			return ConstValue.EMPTY_RECORD_NOT_PAGEING;
		}
		
		return null;
	}
}
